summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/rand
diff options
context:
space:
mode:
authorbeck <>2000-12-15 02:58:47 +0000
committerbeck <>2000-12-15 02:58:47 +0000
commit9200bb13d15da4b2a23e6bc92c20e95b74aa2113 (patch)
tree5c52d628ec1e34be76e7ef2a4235d248b7c44d24 /src/lib/libcrypto/rand
parente131d25072e3d4197ba4b9bcc0d1b27d34d6488d (diff)
downloadopenbsd-9200bb13d15da4b2a23e6bc92c20e95b74aa2113.tar.gz
openbsd-9200bb13d15da4b2a23e6bc92c20e95b74aa2113.tar.bz2
openbsd-9200bb13d15da4b2a23e6bc92c20e95b74aa2113.zip
openssl-engine-0.9.6 merge
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/rand/Makefile.ssl42
-rw-r--r--src/lib/libcrypto/rand/md_rand.c331
-rw-r--r--src/lib/libcrypto/rand/rand.h25
-rw-r--r--src/lib/libcrypto/rand/rand_egd.c57
-rw-r--r--src/lib/libcrypto/rand/rand_lcl.h184
-rw-r--r--src/lib/libcrypto/rand/rand_lib.c57
-rw-r--r--src/lib/libcrypto/rand/rand_win.c732
-rw-r--r--src/lib/libcrypto/rand/randfile.c31
8 files changed, 1147 insertions, 312 deletions
diff --git a/src/lib/libcrypto/rand/Makefile.ssl b/src/lib/libcrypto/rand/Makefile.ssl
index be8eea34a2..5f6199a35f 100644
--- a/src/lib/libcrypto/rand/Makefile.ssl
+++ b/src/lib/libcrypto/rand/Makefile.ssl
@@ -22,8 +22,8 @@ TEST= randtest.c
22APPS= 22APPS=
23 23
24LIB=$(TOP)/libcrypto.a 24LIB=$(TOP)/libcrypto.a
25LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c 25LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c rand_win.c
26LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o 26LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o rand_win.o
27 27
28SRC= $(LIBSRC) 28SRC= $(LIBSRC)
29 29
@@ -78,15 +78,45 @@ clean:
78 78
79# DO NOT DELETE THIS LINE -- make depend depends on it. 79# DO NOT DELETE THIS LINE -- make depend depends on it.
80 80
81md_rand.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h 81md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
82md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h 82md_rand.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
83md_rand.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
83md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h 84md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
84md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h 85md_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
85md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h 86md_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
87md_rand.o: ../../include/openssl/symhacks.h rand_lcl.h
86rand_egd.o: ../../include/openssl/opensslconf.h ../../include/openssl/rand.h 88rand_egd.o: ../../include/openssl/opensslconf.h ../../include/openssl/rand.h
87rand_err.o: ../../include/openssl/err.h ../../include/openssl/rand.h 89rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
88rand_lib.o: ../../include/openssl/rand.h 90rand_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
91rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
92rand_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
93rand_err.o: ../../include/openssl/symhacks.h
94rand_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
95rand_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
96rand_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
97rand_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
98rand_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
99rand_lib.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
100rand_lib.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
101rand_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
102rand_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
103rand_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
104rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
105rand_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
106rand_lib.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
107rand_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
108rand_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
109rand_lib.o: ../../include/openssl/symhacks.h
110rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
111rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
112rand_win.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
113rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
114rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
115rand_win.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
116rand_win.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
117rand_win.o: ../cryptlib.h rand_lcl.h
89randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h 118randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
90randfile.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h 119randfile.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
91randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h 120randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/rand.h
92randfile.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h 121randfile.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
122randfile.o: ../../include/openssl/symhacks.h
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c
index da4258c479..d167dea77d 100644
--- a/src/lib/libcrypto/rand/md_rand.c
+++ b/src/lib/libcrypto/rand/md_rand.c
@@ -109,9 +109,7 @@
109 * 109 *
110 */ 110 */
111 111
112#define ENTROPY_NEEDED 16 /* require 128 bits = 16 bytes of randomness */ 112#ifdef MD_RAND_DEBUG
113
114#ifndef MD_RAND_DEBUG
115# ifndef NDEBUG 113# ifndef NDEBUG
116# define NDEBUG 114# define NDEBUG
117# endif 115# endif
@@ -119,75 +117,20 @@
119 117
120#include <assert.h> 118#include <assert.h>
121#include <stdio.h> 119#include <stdio.h>
122#include <time.h>
123#include <string.h> 120#include <string.h>
124 121
125#include "openssl/e_os.h" 122#include "openssl/e_os.h"
126 123
124#include <openssl/rand.h>
125#include "rand_lcl.h"
126
127#include <openssl/crypto.h> 127#include <openssl/crypto.h>
128#include <openssl/err.h> 128#include <openssl/err.h>
129 129
130#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
131#if !defined(NO_SHA) && !defined(NO_SHA1)
132#define USE_SHA1_RAND
133#elif !defined(NO_MD5)
134#define USE_MD5_RAND
135#elif !defined(NO_MDC2) && !defined(NO_DES)
136#define USE_MDC2_RAND
137#elif !defined(NO_MD2)
138#define USE_MD2_RAND
139#else
140#error No message digest algorithm available
141#endif
142#endif
143
144/* Changed how the state buffer used. I now attempt to 'wrap' such
145 * that I don't run over the same locations the next time go through
146 * the 1023 bytes - many thanks to
147 * Robert J. LeBlanc <rjl@renaissoft.com> for his comments
148 */
149
150#if defined(USE_MD5_RAND)
151#include <openssl/md5.h>
152#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
153#define MD_CTX MD5_CTX
154#define MD_Init(a) MD5_Init(a)
155#define MD_Update(a,b,c) MD5_Update(a,b,c)
156#define MD_Final(a,b) MD5_Final(a,b)
157#define MD(a,b,c) MD5(a,b,c)
158#elif defined(USE_SHA1_RAND)
159#include <openssl/sha.h>
160#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
161#define MD_CTX SHA_CTX
162#define MD_Init(a) SHA1_Init(a)
163#define MD_Update(a,b,c) SHA1_Update(a,b,c)
164#define MD_Final(a,b) SHA1_Final(a,b)
165#define MD(a,b,c) SHA1(a,b,c)
166#elif defined(USE_MDC2_RAND)
167#include <openssl/mdc2.h>
168#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
169#define MD_CTX MDC2_CTX
170#define MD_Init(a) MDC2_Init(a)
171#define MD_Update(a,b,c) MDC2_Update(a,b,c)
172#define MD_Final(a,b) MDC2_Final(a,b)
173#define MD(a,b,c) MDC2(a,b,c)
174#elif defined(USE_MD2_RAND)
175#include <openssl/md2.h>
176#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
177#define MD_CTX MD2_CTX
178#define MD_Init(a) MD2_Init(a)
179#define MD_Update(a,b,c) MD2_Update(a,b,c)
180#define MD_Final(a,b) MD2_Final(a,b)
181#define MD(a,b,c) MD2(a,b,c)
182#endif
183
184#include <openssl/rand.h>
185
186#ifdef BN_DEBUG 130#ifdef BN_DEBUG
187# define PREDICT 131# define PREDICT
188#endif 132#endif
189 133
190/* #define NORAND 1 */
191/* #define PREDICT 1 */ 134/* #define PREDICT 1 */
192 135
193#define STATE_SIZE 1023 136#define STATE_SIZE 1023
@@ -198,6 +141,11 @@ static long md_count[2]={0,0};
198static double entropy=0; 141static double entropy=0;
199static int initialized=0; 142static int initialized=0;
200 143
144/* This should be set to 1 only when ssleay_rand_add() is called inside
145 an already locked state, so it doesn't try to lock and thereby cause
146 a hang. And it should always be reset back to 0 before unlocking. */
147static int add_do_not_lock=0;
148
201#ifdef PREDICT 149#ifdef PREDICT
202int rand_predictable=0; 150int rand_predictable=0;
203#endif 151#endif
@@ -234,6 +182,7 @@ static void ssleay_rand_cleanup(void)
234 md_count[0]=0; 182 md_count[0]=0;
235 md_count[1]=0; 183 md_count[1]=0;
236 entropy=0; 184 entropy=0;
185 initialized=0;
237 } 186 }
238 187
239static void ssleay_rand_add(const void *buf, int num, double add) 188static void ssleay_rand_add(const void *buf, int num, double add)
@@ -243,10 +192,6 @@ static void ssleay_rand_add(const void *buf, int num, double add)
243 unsigned char local_md[MD_DIGEST_LENGTH]; 192 unsigned char local_md[MD_DIGEST_LENGTH];
244 MD_CTX m; 193 MD_CTX m;
245 194
246#ifdef NORAND
247 return;
248#endif
249
250 /* 195 /*
251 * (Based on the rand(3) manpage) 196 * (Based on the rand(3) manpage)
252 * 197 *
@@ -262,7 +207,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
262 * hash function. 207 * hash function.
263 */ 208 */
264 209
265 CRYPTO_w_lock(CRYPTO_LOCK_RAND); 210 if (!add_do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
266 st_idx=state_index; 211 st_idx=state_index;
267 212
268 /* use our own copies of the counters so that even 213 /* use our own copies of the counters so that even
@@ -294,7 +239,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
294 239
295 md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0); 240 md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
296 241
297 CRYPTO_w_unlock(CRYPTO_LOCK_RAND); 242 if (!add_do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
298 243
299 for (i=0; i<num; i+=MD_DIGEST_LENGTH) 244 for (i=0; i<num; i+=MD_DIGEST_LENGTH)
300 { 245 {
@@ -336,7 +281,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
336 } 281 }
337 memset((char *)&m,0,sizeof(m)); 282 memset((char *)&m,0,sizeof(m));
338 283
339 CRYPTO_w_lock(CRYPTO_LOCK_RAND); 284 if (!add_do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
340 /* Don't just copy back local_md into md -- this could mean that 285 /* Don't just copy back local_md into md -- this could mean that
341 * other thread's seeding remains without effect (except for 286 * other thread's seeding remains without effect (except for
342 * the incremented counter). By XORing it we keep at least as 287 * the incremented counter). By XORing it we keep at least as
@@ -347,9 +292,9 @@ static void ssleay_rand_add(const void *buf, int num, double add)
347 } 292 }
348 if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */ 293 if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
349 entropy += add; 294 entropy += add;
350 CRYPTO_w_unlock(CRYPTO_LOCK_RAND); 295 if (!add_do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
351 296
352#ifndef THREADS 297#if !defined(THREADS) && !defined(WIN32)
353 assert(md_c[1] == md_count[1]); 298 assert(md_c[1] == md_count[1]);
354#endif 299#endif
355 } 300 }
@@ -359,58 +304,9 @@ static void ssleay_rand_seed(const void *buf, int num)
359 ssleay_rand_add(buf, num, num); 304 ssleay_rand_add(buf, num, num);
360 } 305 }
361 306
362static void ssleay_rand_initialize(void)
363 {
364 unsigned long l;
365#ifndef GETPID_IS_MEANINGLESS
366 pid_t curr_pid = getpid();
367#endif
368#ifdef DEVRANDOM
369 FILE *fh;
370#endif
371
372#ifdef NORAND
373 return;
374#endif
375
376 CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
377 /* put in some default random data, we need more than just this */
378#ifndef GETPID_IS_MEANINGLESS
379 l=curr_pid;
380 RAND_add(&l,sizeof(l),0);
381 l=getuid();
382 RAND_add(&l,sizeof(l),0);
383#endif
384 l=time(NULL);
385 RAND_add(&l,sizeof(l),0);
386
387#ifdef DEVRANDOM
388 /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
389 * have this. Use /dev/urandom if you can as /dev/random may block
390 * if it runs out of random entries. */
391
392 if ((fh = fopen(DEVRANDOM, "r")) != NULL)
393 {
394 unsigned char tmpbuf[ENTROPY_NEEDED];
395 int n;
396
397 setvbuf(fh, NULL, _IONBF, 0);
398 n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
399 fclose(fh);
400 RAND_add(tmpbuf,sizeof tmpbuf,n);
401 memset(tmpbuf,0,n);
402 }
403#endif
404#ifdef PURIFY
405 memset(state,0,STATE_SIZE);
406 memset(md,0,MD_DIGEST_LENGTH);
407#endif
408 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
409 initialized=1;
410 }
411
412static int ssleay_rand_bytes(unsigned char *buf, int num) 307static int ssleay_rand_bytes(unsigned char *buf, int num)
413 { 308 {
309 static volatile int stirred_pool = 0;
414 int i,j,k,st_num,st_idx; 310 int i,j,k,st_num,st_idx;
415 int ok; 311 int ok;
416 long md_c[2]; 312 long md_c[2];
@@ -419,6 +315,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
419#ifndef GETPID_IS_MEANINGLESS 315#ifndef GETPID_IS_MEANINGLESS
420 pid_t curr_pid = getpid(); 316 pid_t curr_pid = getpid();
421#endif 317#endif
318 int do_stir_pool = 0;
422 319
423#ifdef PREDICT 320#ifdef PREDICT
424 if (rand_predictable) 321 if (rand_predictable)
@@ -450,11 +347,17 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
450 * global 'md'. 347 * global 'md'.
451 */ 348 */
452 349
453 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
454
455 if (!initialized) 350 if (!initialized)
456 ssleay_rand_initialize(); 351 RAND_poll();
352
353 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
354 add_do_not_lock = 1; /* Since we call ssleay_rand_add while in
355 this locked state. */
457 356
357 initialized = 1;
358 if (!stirred_pool)
359 do_stir_pool = 1;
360
458 ok = (entropy >= ENTROPY_NEEDED); 361 ok = (entropy >= ENTROPY_NEEDED);
459 if (!ok) 362 if (!ok)
460 { 363 {
@@ -464,12 +367,42 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
464 * Once we've had enough initial seeding we don't bother to 367 * Once we've had enough initial seeding we don't bother to
465 * adjust the entropy count, though, because we're not ambitious 368 * adjust the entropy count, though, because we're not ambitious
466 * to provide *information-theoretic* randomness. 369 * to provide *information-theoretic* randomness.
370 *
371 * NOTE: This approach fails if the program forks before
372 * we have enough entropy. Entropy should be collected
373 * in a separate input pool and be transferred to the
374 * output pool only when the entropy limit has been reached.
467 */ 375 */
468 entropy -= num; 376 entropy -= num;
469 if (entropy < 0) 377 if (entropy < 0)
470 entropy = 0; 378 entropy = 0;
471 } 379 }
472 380
381 if (do_stir_pool)
382 {
383 /* Our output function chains only half of 'md', so we better
384 * make sure that the required entropy gets 'evenly distributed'
385 * through 'state', our randomness pool. The input function
386 * (ssleay_rand_add) chains all of 'md', which makes it more
387 * suitable for this purpose.
388 */
389
390 int n = STATE_SIZE; /* so that the complete pool gets accessed */
391 while (n > 0)
392 {
393#if MD_DIGEST_LENGTH > 20
394# error "Please adjust DUMMY_SEED."
395#endif
396#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */
397 /* Note that the seed does not matter, it's just that
398 * ssleay_rand_add expects to have something to hash. */
399 ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0);
400 n -= MD_DIGEST_LENGTH;
401 }
402 if (ok)
403 stirred_pool = 1;
404 }
405
473 st_idx=state_index; 406 st_idx=state_index;
474 st_num=state_num; 407 st_num=state_num;
475 md_c[0] = md_count[0]; 408 md_c[0] = md_count[0];
@@ -484,6 +417,9 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
484 * are now ours (but other threads may use them too) */ 417 * are now ours (but other threads may use them too) */
485 418
486 md_count[0] += 1; 419 md_count[0] += 1;
420
421 add_do_not_lock = 0; /* If this would ever be forgotten, we can
422 expect any evil god to eat our souls. */
487 CRYPTO_w_unlock(CRYPTO_LOCK_RAND); 423 CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
488 424
489 while (num > 0) 425 while (num > 0)
@@ -536,6 +472,8 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
536 else 472 else
537 { 473 {
538 RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED); 474 RANDerr(RAND_F_SSLEAY_RAND_BYTES,RAND_R_PRNG_NOT_SEEDED);
475 ERR_add_error_data(1, "You need to read the OpenSSL FAQ, "
476 "http://www.openssl.org/support/faq.html");
539 return(0); 477 return(0);
540 } 478 }
541 } 479 }
@@ -561,152 +499,13 @@ static int ssleay_rand_status(void)
561 { 499 {
562 int ret; 500 int ret;
563 501
564 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
565
566 if (!initialized) 502 if (!initialized)
567 ssleay_rand_initialize(); 503 RAND_poll();
568 ret = entropy >= ENTROPY_NEEDED;
569 504
505 CRYPTO_w_lock(CRYPTO_LOCK_RAND);
506 initialized = 1;
507 ret = entropy >= ENTROPY_NEEDED;
570 CRYPTO_w_unlock(CRYPTO_LOCK_RAND); 508 CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
571 509
572 return ret; 510 return ret;
573 } 511 }
574
575#ifdef WINDOWS
576#include <windows.h>
577#include <openssl/rand.h>
578
579int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
580 {
581 double add_entropy=0;
582 SYSTEMTIME t;
583
584 switch (iMsg)
585 {
586 case WM_KEYDOWN:
587 {
588 static WPARAM key;
589 if (key != wParam)
590 add_entropy = 0.05;
591 key = wParam;
592 }
593 break;
594 case WM_MOUSEMOVE:
595 {
596 static int lastx,lasty,lastdx,lastdy;
597 int x,y,dx,dy;
598
599 x=LOWORD(lParam);
600 y=HIWORD(lParam);
601 dx=lastx-x;
602 dy=lasty-y;
603 if (dx != 0 && dy != 0 && dx-lastdx != 0 && dy-lastdy != 0)
604 add_entropy=.2;
605 lastx=x, lasty=y;
606 lastdx=dx, lastdy=dy;
607 }
608 break;
609 }
610
611 GetSystemTime(&t);
612 RAND_add(&iMsg, sizeof(iMsg), add_entropy);
613 RAND_add(&wParam, sizeof(wParam), 0);
614 RAND_add(&lParam, sizeof(lParam), 0);
615 RAND_add(&t, sizeof(t), 0);
616
617 return (RAND_status());
618 }
619
620/*****************************************************************************
621 * Initialisation function for the SSL random generator. Takes the contents
622 * of the screen as random seed.
623 *
624 * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
625 *
626 * Code adapted from
627 * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
628 * the original copyright message is:
629 *
630 * (C) Copyright Microsoft Corp. 1993. All rights reserved.
631 *
632 * You have a royalty-free right to use, modify, reproduce and
633 * distribute the Sample Files (and/or any modified version) in
634 * any way you find useful, provided that you agree that
635 * Microsoft has no warranty obligations or liability for any
636 * Sample Application Files which are modified.
637 */
638/*
639 * I have modified the loading of bytes via RAND_seed() mechanism since
640 * the original would have been very very CPU intensive since RAND_seed()
641 * does an MD5 per 16 bytes of input. The cost to digest 16 bytes is the same
642 * as that to digest 56 bytes. So under the old system, a screen of
643 * 1024*768*256 would have been CPU cost of approximately 49,000 56 byte MD5
644 * digests or digesting 2.7 mbytes. What I have put in place would
645 * be 48 16k MD5 digests, or effectively 48*16+48 MD5 bytes or 816 kbytes
646 * or about 3.5 times as much.
647 * - eric
648 */
649void RAND_screen(void)
650{
651 HDC hScrDC; /* screen DC */
652 HDC hMemDC; /* memory DC */
653 HBITMAP hBitmap; /* handle for our bitmap */
654 HBITMAP hOldBitmap; /* handle for previous bitmap */
655 BITMAP bm; /* bitmap properties */
656 unsigned int size; /* size of bitmap */
657 char *bmbits; /* contents of bitmap */
658 int w; /* screen width */
659 int h; /* screen height */
660 int y; /* y-coordinate of screen lines to grab */
661 int n = 16; /* number of screen lines to grab at a time */
662
663 /* Create a screen DC and a memory DC compatible to screen DC */
664 hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
665 hMemDC = CreateCompatibleDC(hScrDC);
666
667 /* Get screen resolution */
668 w = GetDeviceCaps(hScrDC, HORZRES);
669 h = GetDeviceCaps(hScrDC, VERTRES);
670
671 /* Create a bitmap compatible with the screen DC */
672 hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
673
674 /* Select new bitmap into memory DC */
675 hOldBitmap = SelectObject(hMemDC, hBitmap);
676
677 /* Get bitmap properties */
678 GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
679 size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
680
681 bmbits = Malloc(size);
682 if (bmbits) {
683 /* Now go through the whole screen, repeatedly grabbing n lines */
684 for (y = 0; y < h-n; y += n)
685 {
686 unsigned char md[MD_DIGEST_LENGTH];
687
688 /* Bitblt screen DC to memory DC */
689 BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
690
691 /* Copy bitmap bits from memory DC to bmbits */
692 GetBitmapBits(hBitmap, size, bmbits);
693
694 /* Get the MD5 of the bitmap */
695 MD(bmbits,size,md);
696
697 /* Seed the random generator with the MD5 digest */
698 RAND_seed(md, MD_DIGEST_LENGTH);
699 }
700
701 Free(bmbits);
702 }
703
704 /* Select old bitmap back into memory DC */
705 hBitmap = SelectObject(hMemDC, hOldBitmap);
706
707 /* Clean up */
708 DeleteObject(hBitmap);
709 DeleteDC(hMemDC);
710 DeleteDC(hScrDC);
711}
712#endif
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
index 2973ee90e4..eb9c8c034d 100644
--- a/src/lib/libcrypto/rand/rand.h
+++ b/src/lib/libcrypto/rand/rand.h
@@ -77,7 +77,9 @@ typedef struct rand_meth_st
77extern int rand_predictable; 77extern int rand_predictable;
78#endif 78#endif
79 79
80void RAND_set_rand_method(RAND_METHOD *meth); 80struct engine_st;
81
82int RAND_set_rand_method(struct engine_st *meth);
81RAND_METHOD *RAND_get_rand_method(void ); 83RAND_METHOD *RAND_get_rand_method(void );
82RAND_METHOD *RAND_SSLeay(void); 84RAND_METHOD *RAND_SSLeay(void);
83void RAND_cleanup(void ); 85void RAND_cleanup(void );
@@ -90,12 +92,28 @@ int RAND_write_file(const char *file);
90const char *RAND_file_name(char *file,int num); 92const char *RAND_file_name(char *file,int num);
91int RAND_status(void); 93int RAND_status(void);
92int RAND_egd(const char *path); 94int RAND_egd(const char *path);
95int RAND_egd_bytes(const char *path,int bytes);
96void ERR_load_RAND_strings(void);
97int RAND_poll(void);
98
99#ifdef __cplusplus
100}
101#endif
102
93#if defined(WINDOWS) || defined(WIN32) 103#if defined(WINDOWS) || defined(WIN32)
94#include <windows.h> 104#include <windows.h>
105
106#ifdef __cplusplus
107extern "C" {
108#endif
109
95void RAND_screen(void); 110void RAND_screen(void);
96int RAND_event(UINT, WPARAM, LPARAM); 111int RAND_event(UINT, WPARAM, LPARAM);
112
113#ifdef __cplusplus
114}
115#endif
97#endif 116#endif
98void ERR_load_RAND_strings(void);
99 117
100/* BEGIN ERROR CODES */ 118/* BEGIN ERROR CODES */
101/* The following lines are auto generated by the script mkerr.pl. Any changes 119/* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -110,8 +128,5 @@ void ERR_load_RAND_strings(void);
110/* Reason codes. */ 128/* Reason codes. */
111#define RAND_R_PRNG_NOT_SEEDED 100 129#define RAND_R_PRNG_NOT_SEEDED 100
112 130
113#ifdef __cplusplus
114}
115#endif
116#endif 131#endif
117 132
diff --git a/src/lib/libcrypto/rand/rand_egd.c b/src/lib/libcrypto/rand/rand_egd.c
index 380c7828c3..02a0d86fa3 100644
--- a/src/lib/libcrypto/rand/rand_egd.c
+++ b/src/lib/libcrypto/rand/rand_egd.c
@@ -64,6 +64,11 @@ int RAND_egd(const char *path)
64 { 64 {
65 return(-1); 65 return(-1);
66 } 66 }
67
68int RAND_egd_bytes(const char *path,int bytes)
69 {
70 return(-1);
71 }
67#else 72#else
68#include <openssl/opensslconf.h> 73#include <openssl/opensslconf.h>
69#include OPENSSL_UNISTD 74#include OPENSSL_UNISTD
@@ -107,4 +112,56 @@ int RAND_egd(const char *path)
107 if (fd != -1) close(fd); 112 if (fd != -1) close(fd);
108 return(ret); 113 return(ret);
109 } 114 }
115
116int RAND_egd_bytes(const char *path,int bytes)
117 {
118 int ret = 0;
119 struct sockaddr_un addr;
120 int len, num;
121 int fd = -1;
122 unsigned char buf[255];
123
124 memset(&addr, 0, sizeof(addr));
125 addr.sun_family = AF_UNIX;
126 if (strlen(path) > sizeof(addr.sun_path))
127 return (-1);
128 strcpy(addr.sun_path,path);
129 len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
130 fd = socket(AF_UNIX, SOCK_STREAM, 0);
131 if (fd == -1) return (-1);
132 if (connect(fd, (struct sockaddr *)&addr, len) == -1) goto err;
133
134 while(bytes > 0)
135 {
136 buf[0] = 1;
137 buf[1] = bytes < 255 ? bytes : 255;
138 write(fd, buf, 2);
139 if (read(fd, buf, 1) != 1)
140 {
141 ret=-1;
142 goto err;
143 }
144 if(buf[0] == 0)
145 goto err;
146 num = read(fd, buf, buf[0]);
147 if (num < 1)
148 {
149 ret=-1;
150 goto err;
151 }
152 RAND_seed(buf, num);
153 if (RAND_status() != 1)
154 {
155 ret=-1;
156 goto err;
157 }
158 ret += num;
159 bytes-=num;
160 }
161 err:
162 if (fd != -1) close(fd);
163 return(ret);
164 }
165
166
110#endif 167#endif
diff --git a/src/lib/libcrypto/rand/rand_lcl.h b/src/lib/libcrypto/rand/rand_lcl.h
new file mode 100644
index 0000000000..120e9366d2
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_lcl.h
@@ -0,0 +1,184 @@
1/* crypto/rand/md_rand.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifndef HEADER_RAND_LCL_H
113#define HEADER_RAND_LCL_H
114
115#define ENTROPY_NEEDED 20 /* require 160 bits = 20 bytes of randomness */
116
117
118#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
119#if !defined(NO_SHA) && !defined(NO_SHA1)
120#define USE_SHA1_RAND
121#elif !defined(NO_MD5)
122#define USE_MD5_RAND
123#elif !defined(NO_MDC2) && !defined(NO_DES)
124#define USE_MDC2_RAND
125#elif !defined(NO_MD2)
126#define USE_MD2_RAND
127#else
128#error No message digest algorithm available
129#endif
130#endif
131
132#if defined(USE_MD5_RAND)
133#include <openssl/md5.h>
134#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
135#define MD(a,b,c) MD5(a,b,c)
136#elif defined(USE_SHA1_RAND)
137#include <openssl/sha.h>
138#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
139#define MD(a,b,c) SHA1(a,b,c)
140#elif defined(USE_MDC2_RAND)
141#include <openssl/mdc2.h>
142#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
143#define MD(a,b,c) MDC2(a,b,c)
144#elif defined(USE_MD2_RAND)
145#include <openssl/md2.h>
146#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
147#define MD(a,b,c) MD2(a,b,c)
148#endif
149#if defined(USE_MD5_RAND)
150#include <openssl/md5.h>
151#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
152#define MD_CTX MD5_CTX
153#define MD_Init(a) MD5_Init(a)
154#define MD_Update(a,b,c) MD5_Update(a,b,c)
155#define MD_Final(a,b) MD5_Final(a,b)
156#define MD(a,b,c) MD5(a,b,c)
157#elif defined(USE_SHA1_RAND)
158#include <openssl/sha.h>
159#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
160#define MD_CTX SHA_CTX
161#define MD_Init(a) SHA1_Init(a)
162#define MD_Update(a,b,c) SHA1_Update(a,b,c)
163#define MD_Final(a,b) SHA1_Final(a,b)
164#define MD(a,b,c) SHA1(a,b,c)
165#elif defined(USE_MDC2_RAND)
166#include <openssl/mdc2.h>
167#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
168#define MD_CTX MDC2_CTX
169#define MD_Init(a) MDC2_Init(a)
170#define MD_Update(a,b,c) MDC2_Update(a,b,c)
171#define MD_Final(a,b) MDC2_Final(a,b)
172#define MD(a,b,c) MDC2(a,b,c)
173#elif defined(USE_MD2_RAND)
174#include <openssl/md2.h>
175#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
176#define MD_CTX MD2_CTX
177#define MD_Init(a) MD2_Init(a)
178#define MD_Update(a,b,c) MD2_Update(a,b,c)
179#define MD_Final(a,b) MD2_Final(a,b)
180#define MD(a,b,c) MD2(a,b,c)
181#endif
182
183
184#endif
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
index 7da74aab0e..57eff0f132 100644
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ b/src/lib/libcrypto/rand/rand_lib.c
@@ -59,59 +59,78 @@
59#include <stdio.h> 59#include <stdio.h>
60#include <time.h> 60#include <time.h>
61#include <openssl/rand.h> 61#include <openssl/rand.h>
62#include <openssl/engine.h>
62 63
63#ifdef NO_RAND 64static ENGINE *rand_engine=NULL;
64static RAND_METHOD *rand_meth=NULL;
65#else
66extern RAND_METHOD rand_ssleay_meth;
67static RAND_METHOD *rand_meth= &rand_ssleay_meth;
68#endif
69 65
66#if 0
70void RAND_set_rand_method(RAND_METHOD *meth) 67void RAND_set_rand_method(RAND_METHOD *meth)
71 { 68 {
72 rand_meth=meth; 69 rand_meth=meth;
73 } 70 }
71#else
72int RAND_set_rand_method(ENGINE *engine)
73 {
74 ENGINE *mtmp;
75 mtmp = rand_engine;
76 if (!ENGINE_init(engine))
77 return 0;
78 rand_engine = engine;
79 /* SHOULD ERROR CHECK THIS!!! */
80 ENGINE_finish(mtmp);
81 return 1;
82 }
83#endif
74 84
75RAND_METHOD *RAND_get_rand_method(void) 85RAND_METHOD *RAND_get_rand_method(void)
76 { 86 {
77 return(rand_meth); 87 if (rand_engine == NULL
88 && (rand_engine = ENGINE_get_default_RAND()) == NULL)
89 return NULL;
90 return ENGINE_get_RAND(rand_engine);
78 } 91 }
79 92
80void RAND_cleanup(void) 93void RAND_cleanup(void)
81 { 94 {
82 if (rand_meth != NULL) 95 RAND_METHOD *meth = RAND_get_rand_method();
83 rand_meth->cleanup(); 96 if (meth && meth->cleanup)
97 meth->cleanup();
84 } 98 }
85 99
86void RAND_seed(const void *buf, int num) 100void RAND_seed(const void *buf, int num)
87 { 101 {
88 if (rand_meth != NULL) 102 RAND_METHOD *meth = RAND_get_rand_method();
89 rand_meth->seed(buf,num); 103 if (meth && meth->seed)
104 meth->seed(buf,num);
90 } 105 }
91 106
92void RAND_add(const void *buf, int num, double entropy) 107void RAND_add(const void *buf, int num, double entropy)
93 { 108 {
94 if (rand_meth != NULL) 109 RAND_METHOD *meth = RAND_get_rand_method();
95 rand_meth->add(buf,num,entropy); 110 if (meth && meth->add)
111 meth->add(buf,num,entropy);
96 } 112 }
97 113
98int RAND_bytes(unsigned char *buf, int num) 114int RAND_bytes(unsigned char *buf, int num)
99 { 115 {
100 if (rand_meth != NULL) 116 RAND_METHOD *meth = RAND_get_rand_method();
101 return rand_meth->bytes(buf,num); 117 if (meth && meth->bytes)
118 return meth->bytes(buf,num);
102 return(-1); 119 return(-1);
103 } 120 }
104 121
105int RAND_pseudo_bytes(unsigned char *buf, int num) 122int RAND_pseudo_bytes(unsigned char *buf, int num)
106 { 123 {
107 if (rand_meth != NULL) 124 RAND_METHOD *meth = RAND_get_rand_method();
108 return rand_meth->pseudorand(buf,num); 125 if (meth && meth->pseudorand)
126 return meth->pseudorand(buf,num);
109 return(-1); 127 return(-1);
110 } 128 }
111 129
112int RAND_status(void) 130int RAND_status(void)
113 { 131 {
114 if (rand_meth != NULL) 132 RAND_METHOD *meth = RAND_get_rand_method();
115 return rand_meth->status(); 133 if (meth && meth->status)
134 return meth->status();
116 return 0; 135 return 0;
117 } 136 }
diff --git a/src/lib/libcrypto/rand/rand_win.c b/src/lib/libcrypto/rand/rand_win.c
new file mode 100644
index 0000000000..9f2dcff9a9
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_win.c
@@ -0,0 +1,732 @@
1/* crypto/rand/rand_win.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include "cryptlib.h"
113#include <openssl/rand.h>
114#include "rand_lcl.h"
115
116#if defined(WINDOWS) || defined(WIN32)
117#include <windows.h>
118#ifndef _WIN32_WINNT
119# define _WIN32_WINNT 0x0400
120#endif
121#include <wincrypt.h>
122#include <tlhelp32.h>
123
124/* Intel hardware RNG CSP -- available from
125 * http://developer.intel.com/design/security/rng/redist_license.htm
126 */
127#define PROV_INTEL_SEC 22
128#define INTEL_DEF_PROV "Intel Hardware Cryptographic Service Provider"
129
130static void readtimer(void);
131static void readscreen(void);
132
133/* It appears like CURSORINFO, PCURSORINFO and LPCURSORINFO are only defined
134 when WINVER is 0x0500 and up, which currently only happens on Win2000.
135 Unfortunately, those are typedefs, so they're a little bit difficult to
136 detect properly. On the other hand, the macro CURSOR_SHOWING is defined
137 within the same conditional, so it can be use to detect the absence of said
138 typedefs. */
139
140#ifndef CURSOR_SHOWING
141/*
142 * Information about the global cursor.
143 */
144typedef struct tagCURSORINFO
145{
146 DWORD cbSize;
147 DWORD flags;
148 HCURSOR hCursor;
149 POINT ptScreenPos;
150} CURSORINFO, *PCURSORINFO, *LPCURSORINFO;
151
152#define CURSOR_SHOWING 0x00000001
153#endif /* CURSOR_SHOWING */
154
155typedef BOOL (WINAPI *CRYPTACQUIRECONTEXT)(HCRYPTPROV *, LPCTSTR, LPCTSTR,
156 DWORD, DWORD);
157typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *);
158typedef BOOL (WINAPI *CRYPTRELEASECONTEXT)(HCRYPTPROV, DWORD);
159
160typedef HWND (WINAPI *GETFOREGROUNDWINDOW)(VOID);
161typedef BOOL (WINAPI *GETCURSORINFO)(PCURSORINFO);
162typedef DWORD (WINAPI *GETQUEUESTATUS)(UINT);
163
164typedef HANDLE (WINAPI *CREATETOOLHELP32SNAPSHOT)(DWORD, DWORD);
165typedef BOOL (WINAPI *HEAP32FIRST)(LPHEAPENTRY32, DWORD, DWORD);
166typedef BOOL (WINAPI *HEAP32NEXT)(LPHEAPENTRY32);
167typedef BOOL (WINAPI *HEAP32LIST)(HANDLE, LPHEAPLIST32);
168typedef BOOL (WINAPI *PROCESS32)(HANDLE, LPPROCESSENTRY32);
169typedef BOOL (WINAPI *THREAD32)(HANDLE, LPTHREADENTRY32);
170typedef BOOL (WINAPI *MODULE32)(HANDLE, LPMODULEENTRY32);
171
172#include <lmcons.h>
173#include <lmstats.h>
174#if 1 /* The NET API is Unicode only. It requires the use of the UNICODE
175 * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was
176 * was added to the Platform SDK to allow the NET API to be used in
177 * non-Unicode applications provided that Unicode strings were still
178 * used for input. LMSTR is defined as LPWSTR.
179 */
180typedef NET_API_STATUS (NET_API_FUNCTION * NETSTATGET)
181 (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*);
182typedef NET_API_STATUS (NET_API_FUNCTION * NETFREE)(LPBYTE);
183#endif /* 1 */
184
185int RAND_poll(void)
186{
187 MEMORYSTATUS m;
188 HCRYPTPROV hProvider = 0;
189 BYTE buf[64];
190 DWORD w;
191 HWND h;
192
193 HMODULE advapi, kernel, user, netapi;
194 CRYPTACQUIRECONTEXT acquire = 0;
195 CRYPTGENRANDOM gen = 0;
196 CRYPTRELEASECONTEXT release = 0;
197#if 1 /* There was previously a problem with NETSTATGET. Currently, this
198 * section is still experimental, but if all goes well, this conditional
199 * will be removed
200 */
201 NETSTATGET netstatget = 0;
202 NETFREE netfree = 0;
203#endif /* 1 */
204
205 /* Determine the OS version we are on so we can turn off things
206 * that do not work properly.
207 */
208 OSVERSIONINFO osverinfo ;
209 osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
210 GetVersionEx( &osverinfo ) ;
211
212 /* load functions dynamically - not available on all systems */
213 advapi = LoadLibrary("ADVAPI32.DLL");
214 kernel = LoadLibrary("KERNEL32.DLL");
215 user = LoadLibrary("USER32.DLL");
216 netapi = LoadLibrary("NETAPI32.DLL");
217
218#if 1 /* There was previously a problem with NETSTATGET. Currently, this
219 * section is still experimental, but if all goes well, this conditional
220 * will be removed
221 */
222 if (netapi)
223 {
224 netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet");
225 netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree");
226 }
227
228 if (netstatget && netfree)
229 {
230 LPBYTE outbuf;
231 /* NetStatisticsGet() is a Unicode only function
232 * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0
233 * contains 17 fields. We treat each field as a source of
234 * one byte of entropy.
235 */
236
237 if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0)
238 {
239 RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45);
240 netfree(outbuf);
241 }
242 if (netstatget(NULL, L"LanmanServer", 0, 0, &outbuf) == 0)
243 {
244 RAND_add(outbuf, sizeof(STAT_SERVER_0), 17);
245 netfree(outbuf);
246 }
247 }
248
249 if (netapi)
250 FreeLibrary(netapi);
251#endif /* 1 */
252
253 /* It appears like this can cause an exception deep within ADVAPI32.DLL
254 * at random times on Windows 2000. Reported by Jeffrey Altman.
255 * Only use it on NT.
256 */
257 if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
258 osverinfo.dwMajorVersion < 5)
259 {
260 /* Read Performance Statistics from NT/2000 registry
261 * The size of the performance data can vary from call
262 * to call so we must guess the size of the buffer to use
263 * and increase its size if we get an ERROR_MORE_DATA
264 * return instead of ERROR_SUCCESS.
265 */
266 LONG rc=ERROR_MORE_DATA;
267 char * buf=NULL;
268 DWORD bufsz=0;
269 DWORD length;
270
271 while (rc == ERROR_MORE_DATA)
272 {
273 buf = realloc(buf,bufsz+8192);
274 if (!buf)
275 break;
276 bufsz += 8192;
277
278 length = bufsz;
279 rc = RegQueryValueEx(HKEY_PERFORMANCE_DATA, "Global",
280 NULL, NULL, buf, &length);
281 }
282 if (rc == ERROR_SUCCESS)
283 {
284 /* For entropy count assume only least significant
285 * byte of each DWORD is random.
286 */
287 RAND_add(&length, sizeof(length), 0);
288 RAND_add(buf, length, length / 4.0);
289 }
290 if (buf)
291 free(buf);
292 }
293
294 if (advapi)
295 {
296 acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi,
297 "CryptAcquireContextA");
298 gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
299 "CryptGenRandom");
300 release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
301 "CryptReleaseContext");
302 }
303
304 if (acquire && gen && release)
305 {
306 /* poll the CryptoAPI PRNG */
307 /* The CryptoAPI returns sizeof(buf) bytes of randomness */
308 if (acquire(&hProvider, 0, 0, PROV_RSA_FULL,
309 CRYPT_VERIFYCONTEXT))
310 {
311 if (gen(hProvider, sizeof(buf), buf) != 0)
312 {
313 RAND_add(buf, sizeof(buf), sizeof(buf));
314#ifdef DEBUG
315 printf("randomness from PROV_RSA_FULL\n");
316#endif
317 }
318 release(hProvider, 0);
319 }
320
321 /* poll the Pentium PRG with CryptoAPI */
322 if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0))
323 {
324 if (gen(hProvider, sizeof(buf), buf) != 0)
325 {
326 RAND_add(buf, sizeof(buf), sizeof(buf));
327#ifdef DEBUG
328 printf("randomness from PROV_INTEL_SEC\n");
329#endif
330 }
331 release(hProvider, 0);
332 }
333 }
334
335 if (advapi)
336 FreeLibrary(advapi);
337
338 /* timer data */
339 readtimer();
340
341 /* memory usage statistics */
342 GlobalMemoryStatus(&m);
343 RAND_add(&m, sizeof(m), 1);
344
345 /* process ID */
346 w = GetCurrentProcessId();
347 RAND_add(&w, sizeof(w), 1);
348
349 if (user)
350 {
351 GETCURSORINFO cursor;
352 GETFOREGROUNDWINDOW win;
353 GETQUEUESTATUS queue;
354
355 win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow");
356 cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
357 queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
358
359 if (win)
360 {
361 /* window handle */
362 h = win();
363 RAND_add(&h, sizeof(h), 0);
364 }
365 if (cursor)
366 {
367 /* unfortunately, its not safe to call GetCursorInfo()
368 * on NT4 even though it exists in SP3 (or SP6) and
369 * higher.
370 */
371 if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
372 osverinfo.dwMajorVersion < 5)
373 cursor = 0;
374 }
375 if (cursor)
376 {
377 /* cursor position */
378 /* assume 2 bytes of entropy */
379 CURSORINFO ci;
380 ci.cbSize = sizeof(CURSORINFO);
381 if (cursor(&ci))
382 RAND_add(&ci, ci.cbSize, 2);
383 }
384
385 if (queue)
386 {
387 /* message queue status */
388 /* assume 1 byte of entropy */
389 w = queue(QS_ALLEVENTS);
390 RAND_add(&w, sizeof(w), 1);
391 }
392
393 FreeLibrary(user);
394 }
395
396 /* Toolhelp32 snapshot: enumerate processes, threads, modules and heap
397 * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm
398 * (Win 9x and 2000 only, not available on NT)
399 *
400 * This seeding method was proposed in Peter Gutmann, Software
401 * Generation of Practically Strong Random Numbers,
402 * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html
403 * revised version at http://www.cryptoengines.com/~peter/06_random.pdf
404 * (The assignment of entropy estimates below is arbitrary, but based
405 * on Peter's analysis the full poll appears to be safe. Additional
406 * interactive seeding is encouraged.)
407 */
408
409 if (kernel)
410 {
411 CREATETOOLHELP32SNAPSHOT snap;
412 HANDLE handle;
413
414 HEAP32FIRST heap_first;
415 HEAP32NEXT heap_next;
416 HEAP32LIST heaplist_first, heaplist_next;
417 PROCESS32 process_first, process_next;
418 THREAD32 thread_first, thread_next;
419 MODULE32 module_first, module_next;
420
421 HEAPLIST32 hlist;
422 HEAPENTRY32 hentry;
423 PROCESSENTRY32 p;
424 THREADENTRY32 t;
425 MODULEENTRY32 m;
426
427 snap = (CREATETOOLHELP32SNAPSHOT)
428 GetProcAddress(kernel, "CreateToolhelp32Snapshot");
429 heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
430 heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
431 heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
432 heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
433 process_first = (PROCESS32) GetProcAddress(kernel, "Process32First");
434 process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next");
435 thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
436 thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
437 module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
438 module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
439
440 if (snap && heap_first && heap_next && heaplist_first &&
441 heaplist_next && process_first && process_next &&
442 thread_first && thread_next && module_first &&
443 module_next && (handle = snap(TH32CS_SNAPALL,0))
444 != NULL)
445 {
446 /* heap list and heap walking */
447 /* HEAPLIST32 contains 3 fields that will change with
448 * each entry. Consider each field a source of 1 byte
449 * of entropy.
450 * HEAPENTRY32 contains 5 fields that will change with
451 * each entry. Consider each field a source of 1 byte
452 * of entropy.
453 */
454 hlist.dwSize = sizeof(HEAPLIST32);
455 if (heaplist_first(handle, &hlist))
456 do
457 {
458 RAND_add(&hlist, hlist.dwSize, 3);
459 hentry.dwSize = sizeof(HEAPENTRY32);
460 if (heap_first(&hentry,
461 hlist.th32ProcessID,
462 hlist.th32HeapID))
463 {
464 int entrycnt = 50;
465 do
466 RAND_add(&hentry,
467 hentry.dwSize, 5);
468 while (heap_next(&hentry)
469 && --entrycnt > 0);
470 }
471 } while (heaplist_next(handle,
472 &hlist));
473
474 /* process walking */
475 /* PROCESSENTRY32 contains 9 fields that will change
476 * with each entry. Consider each field a source of
477 * 1 byte of entropy.
478 */
479 p.dwSize = sizeof(PROCESSENTRY32);
480 if (process_first(handle, &p))
481 do
482 RAND_add(&p, p.dwSize, 9);
483 while (process_next(handle, &p));
484
485 /* thread walking */
486 /* THREADENTRY32 contains 6 fields that will change
487 * with each entry. Consider each field a source of
488 * 1 byte of entropy.
489 */
490 t.dwSize = sizeof(THREADENTRY32);
491 if (thread_first(handle, &t))
492 do
493 RAND_add(&t, t.dwSize, 6);
494 while (thread_next(handle, &t));
495
496 /* module walking */
497 /* MODULEENTRY32 contains 9 fields that will change
498 * with each entry. Consider each field a source of
499 * 1 byte of entropy.
500 */
501 m.dwSize = sizeof(MODULEENTRY32);
502 if (module_first(handle, &m))
503 do
504 RAND_add(&m, m.dwSize, 9);
505 while (module_next(handle, &m));
506
507 CloseHandle(handle);
508 }
509
510 FreeLibrary(kernel);
511 }
512
513#ifdef DEBUG
514 printf("Exiting RAND_poll\n");
515#endif
516
517 return(1);
518}
519
520int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
521 {
522 double add_entropy=0;
523
524 switch (iMsg)
525 {
526 case WM_KEYDOWN:
527 {
528 static WPARAM key;
529 if (key != wParam)
530 add_entropy = 0.05;
531 key = wParam;
532 }
533 break;
534 case WM_MOUSEMOVE:
535 {
536 static int lastx,lasty,lastdx,lastdy;
537 int x,y,dx,dy;
538
539 x=LOWORD(lParam);
540 y=HIWORD(lParam);
541 dx=lastx-x;
542 dy=lasty-y;
543 if (dx != 0 && dy != 0 && dx-lastdx != 0 && dy-lastdy != 0)
544 add_entropy=.2;
545 lastx=x, lasty=y;
546 lastdx=dx, lastdy=dy;
547 }
548 break;
549 }
550
551 readtimer();
552 RAND_add(&iMsg, sizeof(iMsg), add_entropy);
553 RAND_add(&wParam, sizeof(wParam), 0);
554 RAND_add(&lParam, sizeof(lParam), 0);
555
556 return (RAND_status());
557 }
558
559
560void RAND_screen(void) /* function available for backward compatibility */
561{
562 RAND_poll();
563 readscreen();
564}
565
566
567/* feed timing information to the PRNG */
568static void readtimer(void)
569{
570 DWORD w;
571 LARGE_INTEGER l;
572 static int have_perfc = 1;
573#ifndef __GNUC__
574 static int have_tsc = 1;
575 DWORD cyclecount;
576
577 if (have_tsc) {
578 __try {
579 __asm {
580 rdtsc
581 mov cyclecount, eax
582 }
583 RAND_add(&cyclecount, sizeof(cyclecount), 1);
584 } __except(EXCEPTION_EXECUTE_HANDLER) {
585 have_tsc = 0;
586 }
587 }
588#else
589# define have_tsc 0
590#endif
591
592 if (have_perfc) {
593 if (QueryPerformanceCounter(&l) == 0)
594 have_perfc = 0;
595 else
596 RAND_add(&l, sizeof(l), 0);
597 }
598
599 if (!have_tsc && !have_perfc) {
600 w = GetTickCount();
601 RAND_add(&w, sizeof(w), 0);
602 }
603}
604
605/* feed screen contents to PRNG */
606/*****************************************************************************
607 *
608 * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
609 *
610 * Code adapted from
611 * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
612 * the original copyright message is:
613 *
614 * (C) Copyright Microsoft Corp. 1993. All rights reserved.
615 *
616 * You have a royalty-free right to use, modify, reproduce and
617 * distribute the Sample Files (and/or any modified version) in
618 * any way you find useful, provided that you agree that
619 * Microsoft has no warranty obligations or liability for any
620 * Sample Application Files which are modified.
621 */
622
623static void readscreen(void)
624{
625 HDC hScrDC; /* screen DC */
626 HDC hMemDC; /* memory DC */
627 HBITMAP hBitmap; /* handle for our bitmap */
628 HBITMAP hOldBitmap; /* handle for previous bitmap */
629 BITMAP bm; /* bitmap properties */
630 unsigned int size; /* size of bitmap */
631 char *bmbits; /* contents of bitmap */
632 int w; /* screen width */
633 int h; /* screen height */
634 int y; /* y-coordinate of screen lines to grab */
635 int n = 16; /* number of screen lines to grab at a time */
636
637 /* Create a screen DC and a memory DC compatible to screen DC */
638 hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
639 hMemDC = CreateCompatibleDC(hScrDC);
640
641 /* Get screen resolution */
642 w = GetDeviceCaps(hScrDC, HORZRES);
643 h = GetDeviceCaps(hScrDC, VERTRES);
644
645 /* Create a bitmap compatible with the screen DC */
646 hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
647
648 /* Select new bitmap into memory DC */
649 hOldBitmap = SelectObject(hMemDC, hBitmap);
650
651 /* Get bitmap properties */
652 GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
653 size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
654
655 bmbits = OPENSSL_malloc(size);
656 if (bmbits) {
657 /* Now go through the whole screen, repeatedly grabbing n lines */
658 for (y = 0; y < h-n; y += n)
659 {
660 unsigned char md[MD_DIGEST_LENGTH];
661
662 /* Bitblt screen DC to memory DC */
663 BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
664
665 /* Copy bitmap bits from memory DC to bmbits */
666 GetBitmapBits(hBitmap, size, bmbits);
667
668 /* Get the hash of the bitmap */
669 MD(bmbits,size,md);
670
671 /* Seed the random generator with the hash value */
672 RAND_add(md, MD_DIGEST_LENGTH, 0);
673 }
674
675 OPENSSL_free(bmbits);
676 }
677
678 /* Select old bitmap back into memory DC */
679 hBitmap = SelectObject(hMemDC, hOldBitmap);
680
681 /* Clean up */
682 DeleteObject(hBitmap);
683 DeleteDC(hMemDC);
684 DeleteDC(hScrDC);
685}
686
687#else /* Unix version */
688
689#include <time.h>
690
691int RAND_poll(void)
692{
693 unsigned long l;
694 pid_t curr_pid = getpid();
695#ifdef DEVRANDOM
696 FILE *fh;
697#endif
698
699#ifdef DEVRANDOM
700 /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
701 * have this. Use /dev/urandom if you can as /dev/random may block
702 * if it runs out of random entries. */
703
704 if ((fh = fopen(DEVRANDOM, "r")) != NULL)
705 {
706 unsigned char tmpbuf[ENTROPY_NEEDED];
707 int n;
708
709 setvbuf(fh, NULL, _IONBF, 0);
710 n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
711 fclose(fh);
712 RAND_add(tmpbuf,sizeof tmpbuf,n);
713 memset(tmpbuf,0,n);
714 }
715#endif
716
717 /* put in some default random data, we need more than just this */
718 l=curr_pid;
719 RAND_add(&l,sizeof(l),0);
720 l=getuid();
721 RAND_add(&l,sizeof(l),0);
722
723 l=time(NULL);
724 RAND_add(&l,sizeof(l),0);
725
726#ifdef DEVRANDOM
727 return 1;
728#endif
729 return 0;
730}
731
732#endif
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index c6ff27be0e..29718bdb9d 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -61,8 +61,6 @@
61#include <stdlib.h> 61#include <stdlib.h>
62#include <string.h> 62#include <string.h>
63 63
64#include "openssl/e_os.h"
65
66#ifdef VMS 64#ifdef VMS
67#include <unixio.h> 65#include <unixio.h>
68#endif 66#endif
@@ -75,6 +73,7 @@
75# include <sys/stat.h> 73# include <sys/stat.h>
76#endif 74#endif
77 75
76#include <openssl/e_os.h>
78#include <openssl/crypto.h> 77#include <openssl/crypto.h>
79#include <openssl/rand.h> 78#include <openssl/rand.h>
80 79
@@ -139,7 +138,7 @@ err:
139int RAND_write_file(const char *file) 138int RAND_write_file(const char *file)
140 { 139 {
141 unsigned char buf[BUFSIZE]; 140 unsigned char buf[BUFSIZE];
142 int i,ret=0,err=0; 141 int i,ret=0,rand_err=0;
143 FILE *out = NULL; 142 FILE *out = NULL;
144 int n; 143 int n;
145 struct stat sb; 144 struct stat sb;
@@ -156,18 +155,18 @@ int RAND_write_file(const char *file)
156 } 155 }
157 } 156 }
158 157
159#if defined(O_CREAT) && defined(O_EXCL) && !defined(WIN32) 158#if defined(O_CREAT) && !defined(WIN32)
160 /* For some reason Win32 can't write to files created this way */ 159 /* For some reason Win32 can't write to files created this way */
161 160
162 /* chmod(..., 0600) is too late to protect the file, 161 /* chmod(..., 0600) is too late to protect the file,
163 * permissions should be restrictive from the start */ 162 * permissions should be restrictive from the start */
164 int fd = open(file, O_CREAT | O_EXCL, 0600); 163 int fd = open(file, O_CREAT, 0600);
165 if (fd != -1) 164 if (fd != -1)
166 out = fdopen(fd, "wb"); 165 out = fdopen(fd, "wb");
167#endif 166#endif
168 if (out == NULL) 167 if (out == NULL)
169 out = fopen(file,"wb"); 168 out = fopen(file,"wb");
170 if (out == NULL) goto err; 169 if (out == NULL) goto err;
171 170
172#ifndef NO_CHMOD 171#ifndef NO_CHMOD
173 chmod(file,0600); 172 chmod(file,0600);
@@ -178,7 +177,7 @@ int RAND_write_file(const char *file)
178 i=(n > BUFSIZE)?BUFSIZE:n; 177 i=(n > BUFSIZE)?BUFSIZE:n;
179 n-=BUFSIZE; 178 n-=BUFSIZE;
180 if (RAND_bytes(buf,i) <= 0) 179 if (RAND_bytes(buf,i) <= 0)
181 err=1; 180 rand_err=1;
182 i=fwrite(buf,1,i,out); 181 i=fwrite(buf,1,i,out);
183 if (i <= 0) 182 if (i <= 0)
184 { 183 {
@@ -194,7 +193,7 @@ int RAND_write_file(const char *file)
194 { 193 {
195 char *tmpf; 194 char *tmpf;
196 195
197 tmpf = Malloc(strlen(file) + 4); /* to add ";-1" and a nul */ 196 tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */
198 if (tmpf) 197 if (tmpf)
199 { 198 {
200 strcpy(tmpf, file); 199 strcpy(tmpf, file);
@@ -211,7 +210,7 @@ int RAND_write_file(const char *file)
211 fclose(out); 210 fclose(out);
212 memset(buf,0,BUFSIZE); 211 memset(buf,0,BUFSIZE);
213err: 212err:
214 return(err ? -1 : ret); 213 return (rand_err ? -1 : ret);
215 } 214 }
216 215
217const char *RAND_file_name(char *buf, int size) 216const char *RAND_file_name(char *buf, int size)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-25 04:11:14 +0000